Google Yanks Buried Android Privacy Feature

Google removes an undocumented App Ops control panel from its latest release, Android 4.4.2, that had let users choose which app permissions to enable.

Google Barge: 10 Informative Images

(click image for larger view)

Google, in its Android 4.4.2 release a week ago, removed an undocumented, experimental privacy control panel that had been released inadvertently in July as part Android 4.3.

The control panel, called App Ops, allowed Android users to deny the availability of selected permissions in an app. Though it was not accessible to users without some technical knowledge, it was immediately noticed and made available through Android apps that provided shortcuts to the hidden interface.

App Ops turns Android's permission model on its head. Instead of allowing the developer to present a list of requested (and generally necessary) permissions to the user for all-or-nothing approval, the control panel allowed users to disable certain permissions while leaving others in place.

In a blog post Wednesday, Peter Eckersley, technical projects director at the Electronic Frontier Foundation, praised App Ops Launcher, a third-party shortcut app to App Ops, as "a huge advance in Android privacy." He lauded the Android engineers for "giving users more control of the data that others can snatch from their pockets."

Upon learning that Google's most recent Android update had eliminated the celebrated feature, Eckersley reported that Google said the feature had been released "accidentally" and had been withdrawn because it could break some apps. "We are suspicious of this explanation, and do not think that it in any way justifies removing the feature rather than improving it," he said in a second blog post.

When asked to explain the situation, Google declined to comment.

This is not the first time experimental code has come back to haunt Google. In 2010, when it disclosed that it had been inadvertently collecting WiFi payload data through its Street View cars, Alan Eustace, senior vice president of engineering and research, attributed the lapse to experimental WiFi data-gathering code that had been added to a project designed to collect a narrower, less sensitive set of data about WiFi network characteristics. To address the issue, Google conducted an internal review of its procedures "to ensure that our controls are sufficiently robust to address these kinds of problems in the future."

Perhaps Google's explanation would be less subject to suspicion if the company said that the unfinished software had been accidentally discovered, rather than accidentally released. That shifts the scenario from inattentive engineers to wily users.

Giving users control over an app's ability to access location data and contact data, to post notifications, to use the camera, and so on might have privacy benefits, but doing so also raises issues about where user rights start interfering with developer rights. Should app users have an easy way to deny, say, location data to a game designed to depend on it, like Google's Ingress, thereby rejecting the take-it-or-leave-it permissions request presented by the app maker? There are other issues, too, such as potential increased support costs when users revoke a necessary permission and then seek assistance to restore their no-longer-functional app.

Google had to confront this issue in AdBlock Plus, which it banned from Google Play for interfering with the functioning of other mobile apps. App alterations, whether they aim to block ads, revoke permissions, inject data, or alter an interface, often can be accomplished by the technically skilled. Usually, this isn't a problem. But when it becomes simple enough for anyone to do, and it presents problems for developers or platform owners, you can expect some friction.

Coincidentally, the software engineers working on Google+ might have already come up with an answer in the form of incremental authentication, a more granular approach to permissions. Android engineers, take note.

Thomas Claburn is editor-at-large for InformationWeek. He has been writing about business and technology since 1996 for publications such as New Architect, PC Computing, InformationWeek, Salon, Wired, and Ziff Davis Smart Business. He is the author of a science fiction novel, Reflecting Fires, and his mobile game Blocfall Free is available for iOS, Android, and Kindle Fire.

IT groups need data analytics software that's visual and accessible. Vendors are getting the message. Also in the State Of Analytics issue of InformationWeek: SAP CEO envisions a younger, greener, cloudier company (free registration required).

I will not download any app that requires access to my contacts, location, etc., etc,. etc., when it has absolutely no reason to do so. Sadly I upgraded and lost this control feature which did not seem to affect any app I removed contacts and location from. Given this deplorable state of privacy and control over my own device, the Play Store is quickly becoming my "dead zone" and will remain so until this feature is restored.

Expanding on the argument of literate users, come control should be provided to users regarding specific permissions. It would also expose apps taking unnecessary permissionse.g. a game requesting access to contacts information or call log.It would put users in control of their privacy and that is how it should be done.

Smart phone users are not that stupid as has been assumed. When a user is installing apps like Facebook, he/she knows that it needs internet access. If he didn't, why would he or she bother to install it in the first place?When users install apps from Play store, they know what those apps are used for. If I install some app and know its functioning, there is no sense of my blocking a permission that is necessary for app's working.

So it comes down to Droid users having to choose between privacy or security. Google needs to do the right thing and give users both instead forcing a choice otherwise all bets are off when it comes to competing with Apple.

A feature that gives users some control over permissions granted to Andoid apps. What a great idea for privacy. Google released it "accidentally" and now pulls it back? Was this accident discovered after some developers started standing Google's privacy model on its head? This incident doesn't resolve anything, but that's just it. You kind of assume the worst when it comes to Google on privacy.

Google should be shut down and their management should be thrown in prison for life. Every site should be privacy-based, by law. I like these companies (because of their great privacy): DuckDuckGo, Ravetree, and HushMail. Use them. Tell everyone about them. The more people that use privacy-based sites, the better they will become. We have to support them if we want to win the war on privacy.

Any one here with more information on Sandbox as i guess android application run in an isolated area of the system that does not have access to the rest of the system's resources, unless access permissions are explicitly granted by the user when the application is installed.

As an Android user, I personally would prefer to have more granularity in terms of privacy on some of these third party apps. Like the article points out, when an Android user downloads an app from Google Play, a splash screen appears telling the user what permissions the app must use, all in one list. You either take it or leave it.

I would rather be able to control these things through a console, which is what is described here. I think location, in particular, is something I am concerned about.

I've towed the Google line for more than a decade. Androids self starting, speed eating apps, contacts accessing apps have always been a scourge. I have been greatly enjoying app opps permission manager for a few weeks now. Im devastated that I no longer have that ability. I didn't know the consequences of updating. I wish I hadn't. So you all know, I also cannot turn off my gps now - perma on. I'll be changing op systems now. It's been a long time coming. Time I've wasted watching Google evolve into big brother.

To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.

Transformation is on every IT organization's to-do list, but effectively transforming IT means a major shift in technology as well as business models and culture. In this IT Trend Report, we examine some of the misconceptions of digital transformation and look at steps you can take to succeed technically and culturally.